IT Support companies and departments in Boston (and of course elsewhere) are dealing with the challenges of supporting a mobile workforce. One key challenge is protecting company information when it resides on all the portable devices their users use such as smart phones, laptops, and tablets. There are 3 prongs to approaching this problem.
1. User Education: User education often gets short shrift as people look for a technology magic bullet but teaching people what they should and should not do is actually a key component of your security strategy. Don't assume your users know for example the risks of public wifi hotspots. Speaking of which we highly recommend you talk to your IT Support company or department about purchasing aircards or data tethering plans on their mobile devices for your users so they do not have to use public wifi hotspots. And of course don't forget general security awareness training on how to avoid getting infected or scammed. Train users and repeat the messages with notifications, emails, messages on your intranet, etc. so it is top of mind.
2. Policies: You can get as formal as you want here but the point is you have to decide as a company what will you allow people to do and not do. For example many companies require that any smartphones with company information such as email on them must have a passcode or thumbprint ID. Another common policy is restricting the use of file-sharing applications to whatever the corporate standard tool is. So people are not allowed to use personal file sharing services like icloud or dropbox. I will publish a longer post on file-sharing apps later but I will tell you that 2 of the ways we like to share data are A) a company SharePoint intranet or B) Egnyte - which is a dropbox-like application but with much more robust management designed for businesses, not consumers.
3. Technology: MDM (Mobile Device Management) is the category of software that you will be looking at to manage all these devices securely and efficiently. Some of the leading vendors are AirWatch, Mobileiron, Maas360, and Good Technology. These solutions let you deploy standardized profiles to devices remotely. So you can outfit your sales force with tablets and/or smart phones with a consistent set of apps, custom wallpaper, Wifi networks preprogrammed in, security policies (ex passcode required) predefined, etc. And these profiles are sent to the devices wirelessly so you can deploy and update the configurations remotely without user intervention. In addition to the convenience of being able to deploy standardized profiles to tablets, phones, and laptops you also have fine-grained control over the security settings of each device and perhaps most importantly the ability to remotely wipe or disable a device. If the device is company-owned then you can remotely wipe and manage the entire device. If the device is owned by the employee the MDM software sets up a seperate area on the device for company-related apps and data so that it does not intermingle with the employee's personal information in any way. When the employee leaves you can remotely wipe just the company information and not touch their personal information.
If you are deploying devices to a field force then an MDM solution is a must. But even if you do not have a field sales force you have employees who have company information on their phone, laptop, or tablet you can be sure. So an MDM solution still makes sense.
We'll publish blog posts that delve into MDM in more detail later. In the meantime if you have questions about MDM or just want help in supporting your mobile workforce in general call GizmoFish at 866-MY-GIZMO (866-694-4966) ext. 1. or simply click on the button below.